Vulnerability Development mailing list archives
Re: Format String Bugs/Remote Shellcode
From: Crispin Cowan <crispin () WIREX COM>
Date: Sun, 4 Feb 2001 17:47:21 -0800
Barry Russell wrote:
I was wondering if anyone knows any good texts on Format String Bugs and texts on constructing shellcode for remote exploits? Please help anyway you can, thanks.
As it happens, I'm in the final stages of writing a FormatGuard paper. Here's the URLs from our related work section: * http://plan9.hert.org/papers/format.html * http://www.guardent.com/rd_whtpr_formatNewsham.html * http://julianor.tripod.com/usfs.html * http://oliver.efri.hr/~crv/security/bugs/mUNIXes/format3.html * http://security-archive.merton.ox.ac.uk/security-audit-200009/0084.html * http://www.striker.ottawa.on.ca/~aland/pscan/ * http://www.atstake.com/research/advisories/2000/a101200-1.txt Crispin -- Crispin Cowan, Ph.D. Chief Research Scientist, WireX Communications, Inc. http://wirex.com Free Hardened Linux Distribution: http://immunix.org
Current thread:
- Format String Bugs/Remote Shellcode Barry Russell (Feb 04)
- Re: Format String Bugs/Remote Shellcode Robert van der Meulen (Feb 04)
- Re: Format String Bugs/Remote Shellcode Crispin Cowan (Feb 04)